Assuming that the radio and router are separate and only the radio firmware is locked down, is there any way that the NSA could snoop on the content? Or are you saying you want to have the right to reprogram the radio?
I'd be happy [1] with locked-down radio firmware if it could talk only to the radio.
One big problem is that coprocessors in embedded systems often have full access to the memory bus, meaning there's no way to stop a trojan in the closed and locked radio firmware from reading and modifying any bit of system memory, which can include your personal data and encryption keys.
[1] Although I'd hope that it'd still be possible to buy or build a general-purpose SDR.
I would have thought (correct me if I'm wrong) that it would be pretty straightforward to give the radio unit its own memory, and not give it access to the system memory bus at all. However I don't know if manufacturers will want to go to the trouble of segregating the radio.
One big problem is that coprocessors in embedded systems often have full access to the memory bus, meaning there's no way to stop a trojan in the closed and locked radio firmware from reading and modifying any bit of system memory, which can include your personal data and encryption keys.
[1] Although I'd hope that it'd still be possible to buy or build a general-purpose SDR.